Adm. John C. Harvey Jr., center, commander of U.S. Fleet Forces Command, speaks with Gen. Chen Bingde, Chief of the General Staff of the Republic of China People's Liberation Army, during a tour of Carrier Airborne Early Warning Squadron (VAW) 126.

Five members of the Chinese military have been accused of hacking into major US corporations, stealing trade secrets in actions that US Attorney General Eric Holder said the "United States categorically denounces."

The companies, ranging from Alcoa to Westinghouse, were allegedly attacked by five members of the People's Liberation Army between 2006 to 2014. The stolen trade secrets are connected to everything from nuclear to renewable energy, according to an indictment unsealed Monday (PDF).

"We must say, 'enough is enough,'" Holder said at a news conference.

Another revelation from the indictment was Chinese telecommunications firm Huawei being penetrated by the NSA. The telecom giant, the US has maintained, was an avenue for the China government's cyber-snooping.

Holder stated that it was not appropriate to compare Monday's indictments in Pennsylvania to the global spying capabilities of the US government disclosed by National Security Agency whistleblower Edward Snowden. The US was engaged in intelligence activities. The Chinese spying on US corporations, he said, was "to gain commercial advantage."

"That is what makes this different," Holder said.

Legal experts said this was a precedent-setting case, the first time the US levied hacking charges (some the same as those brought against the late Aaron Swartz) against a foreign government.

Further Reading

"It is the first time the Computer Fraud and Abuse Act, the federal computer crime statute, and the Economic Espionage Act, the federal criminal trade secrets act, has been used against representatives of a foreign government," said Nick Akerman, a legal expert with the law firm Dorsey and Whitney.

The suspects, who are in China, were allegedly employed by "Unit 61398," a branch of the People's Liberation Army in Shanghai. They used online handles like "UglyGorilla," "WinXYHappy," "hay_lhx," "KandyGoo," and "Jack Sun." The indictment stated they worked with the military's General Staff, Third Department, a "signals intelligence" component.

The indictment provided few details on the nature of the hack. But one method it noted was "spear-phishing." The e-mail messages the accused sent to company employees installed malware and provided backdoors to the targeted company servers, according to the indictment.

Holder declined to say whether the five would ever be tried in a US courtroom, although that was his "intention."

The real names of the accused are Wang Dong, Sun Kailiang, Wen Xinyu, Huang Zhenyu, and Gu Chunhui. They are suspected of breaking into more than 1,700 US Steel servers, hacking into nuclear power piping systems of Westinghouse nuclear power plants, and even breaking into the e-mail accounts of members of the steelworkers' trade group: United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, and Allied Industrial and Services Workers International Union. The union had been critical of Chinese steel dumping practices.

The indictment says the hackers also broke into the e-mail of executives at aluminum-maker Alcoa, getting away with nearly 3,000 e-mails and more than 800 attachments.

Federal authorities said Monday that more arrests are likely in connection to this and other hacks.

In the wake of the Snowden disclosures, the President Barack Obama administration had sidelined its move to target overseas hackers. But Holder and others at a news conference said the time had come to alter course.

"Hacking, spying, and cybertheft for commercial gain can and will be prosecuted criminally, even when the defendants are state actors," said David Hickton, the US Attorney for the Western District of Pennsylvania, where many of the intrusions are said to have occurred.

The timing of the US chess move against the Chinese government, largely viewed as a political message, was not lost on observers.

"One casualty of the Snowden leaks was the initiatives the Obama administration mounted in the first half of 2013 against the pervasive nature of Chinese economic espionage," said David Fidler, an Indiana University Maurer School of Law cybersecurity expert. "The US government is returning to what had been, pre-Snowden, one of the biggest cybersecurity problems the US and other countries faced."

David Kravets / The senior editor for Ars Technica. Founder of TYDN fake news site. Technologist. Political scientist. Humorist. Dad of two boys. Been doing journalism for so long I remember manual typewriters with real paper.